<?php

// GrabFile.php: Takes the details

// of the new file posted as part

// of the form and adds it to the

// myBlobs table of our myFiles DB.

//Ingresamos el usuario
$usuario= $HTTP_GET_VARS["fileId"]; 

global $login;
global $nombre;
global $apellido1;
global $apellido2;
global $tipousuario;
global $idua;
global $enteverificador;

global $direccion;
global $email;
global $telefono;

global $fileUpload;

global $fileUpload_name;

global $fileUpload_size;

global $fileUpload_type;


 //$vars = get_defined_vars();   
 //print_r($vars);  


if ($_FILES["file"]["error"] > 0) 
{ 
echo "Error: " . $_FILES["file"]["error"] . "<br />"; 
} 
else 
{ 
echo "Upload: " . $_FILES["file"]["name"] . "<br />"; 
echo "Type: " . $_FILES["file"]["type"] . "<br />"; 
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; 
echo "Stored in: " . $_FILES["file"]["tmp_name"]; 

}

$fileUpload= $_FILES["file"]["tmp_name"];
$fileUpload_name= $_FILES["file"]["name"];
$fileUpload_size= $_FILES["file"]["size"];
$fileUpload_type= $_FILES["file"]["type"];

//Datos ingresados por el usuario
$login = $_POST['username'];
$nombre= $_POST['nombre']; 
$apellido1= $_POST['apellido1']; 
$apellido2= $_POST['apellido2']; 
$tipousuario= $_POST['tipoUsuario']; 
$idua= $_POST['UA']; 
$enteverificador= $_POST['opcional']; 

//Datos ingresados por el usuario
$direccion = $_POST['Direccion'];
$email= $_POST['email']; 
$telefono= $_POST['tel']; 
 


//We start by declaring five global variables. When we pass any form values to a PHP script, PHP automatically makes the name of that element available to us as a global variable. So, for example, if I have a form element like this:

//<input type="text" name="myName" value="Mitchell Harper">

//... then if I posted this form to a PHP script using the post method, PHP would automatically create a variable named $myName, containing the value "Mitchell Harper". Form values are also stored in arrays, depending on the method used to post the form (get/post). For forms posted using the get method, they are stored in the associative array, $HTTP_GET_VARS, so I would access my form element like this:

//echo $HTTP_GET_VARS["myName"];

//For forms posted using the post method, that forms elements are stored in the $HTTP_POST_VARS associative array:

//echo $HTTP_POST_VARS["myName"];

echo $HTTP_POST_VARS["nombre_archivo"];

echo "Eres " . $_POST['username'] . "<BR>n"; 
echo "Eres2 " . $_POST['Vicerrectoria'] . "<BR>n"; 
echo "Eres3 " . $_POST['Intercambiable'] . "<BR>n"; 

//echo $HTTP_POST_VARS["fileUpload"];
//echo $HTTP_POST_VARS["fileUpload_name"];
//echo $HTTP_POST_VARS["fileUpload_size"];
//echo $HTTP_POST_VARS["fileUpload_type"];

/*The other four global variables that I've defined hold the details of our uploaded file. They are automatically created by PHP. Details of each of these variables are shown below:
$fileUpload: Contains the full path to the temporary file that PHP has stored our uploaded file in. On my Windows 2000 server, it looks like this: "C:\WINNT\TEMP\php29F7.tmp".
$fileUpload_name: The name of the file that we have uploaded, for example "myimage.gif".
$fileUpload_size: The size of the file that we have uploaded, in bytes.
$fileUpload_type: The content type of the file that we have uploaded, such as "image/gif" for a GIF image.
Next, we make sure that the user has entered both a file description and a file name (notice how the $fileUpload variable contains the value "none" when a file hasn't been uploaded):
*/
// Make sure both a description and

// file have been entered

/*
if($nombre_archivo == "none")

die("No subio el archivo");

//if(empty($nombre_archivo) || $fileUpload == "none")
if( $nombre_archivo == "none" || $fileUpload == "none")

die("You must enter both a description and file");

*/

//Obviously, we will be connecting to, and querying our database to add our file to the myBlobs table. We define the connection details for our database as variables:

// Database connection variables

$dbServer = "acuario.ecci.ucr.ac.cr";

$dbDatabase = "bdusj2";

$dbUser = "us2";

$dbPass = "usj2";

//PHP has several built-in functions that allow us to open and read files. We use the fopen and fread methods to open the uploaded file from the local directory on the web server, and then read its contents into a variable. The addslashes method escapes any apostrophises and double quotes in the file:

/*
$fileHandle = fopen($fileUpload, "r");

if($fileHandle == false)

die("No se pudo abrir el archivo");
*/

//echo $HTTP_POST_VARS["fileUpload_size"];

$fileContent = fread($fileHandle, $fileUpload_size);

$fileContent = addslashes($fileContent);

fclose($fileHandle);

//We connect to our database using PHP's built-in MySQL functions in combination with our database connection variables that we defined above:

$sConn = mysql_connect($dbServer, $dbUser, $dbPass)

or die("Couldn't connect to database server");



$dConn = mysql_select_db($dbDatabase, $sConn)

or die("Couldn't connect to database $dbDatabase");

//Once connected to the MySQL database, we run an insert query to actually add the details of our uploaded file (as a blob) to the myFiles table:

//UPDATE nombretabla SET nomcolumna=expresion WHERE condicion ; 
$dbQuery = "UPDATE Usuario SET Login= '$login', Nombre='$nombre', Apellido1='$apellido1', Apellido2='$apellido2', TipoUsuario='$tipousuario', IDUA='$idua' WHERE IDUsuario= '$usuario' ";
mysql_query($dbQuery) or die("Couldn't add file to database Usuario");

//Si existe una valor en ente verificador
if($enteverificador != "none")
{
//UPDATE nombretabla SET nomcolumna=expresion WHERE condicion ; 
$dbQuery = "UPDATE Evaluador SET EnteVerificador='$enteverificador' WHERE IDUsuario= '$usuario' ";
mysql_query($dbQuery) or die("Couldn't add file to database DatosPers");
}

//UPDATE nombretabla SET nomcolumna=expresion WHERE condicion ; 
$dbQuery = "UPDATE DatosPers SET Direccion='$direccion', Email= '$email', Telefono='$telefono'  WHERE IDUsuario= '$usuario' ";
mysql_query($dbQuery) or die("Couldn't add file to database DatosPers");

////Si el usuario queria cambiar la foto
if($fileUpload != "none"){
//UPDATE nombretabla SET nomcolumna=expresion WHERE condicion ; 
$dbQuery = "UPDATE Foto SET TipoFoto= '$fileUpload_type', Foto='$fileUpload', TamFoto='$fileUpload_size' WHERE IDUsuario= '$usuario' ";
mysql_query($dbQuery) or die("Couldn't add file to database");
}
//If the mysql_query function didn't succeed, then we our script calls the die function, which stops the execution of our script and outputs "Couldn't add file to database" to the clients browser. On the other hand, if the mysql_query function succeeded, then we output the details of the uploaded file to the browser:

echo "<h1>File Uploaded</h1>";

echo "The details of the uploaded file are shown below:<br><br>";

echo "<b>IDUsuario:</b> $usuario <br>";

echo "<b>Login:</b> $login <br>";

echo "<b>Nombre:</b> $nombre <br>";

echo "<b>Apellido1:</b> $apellido1 <br>";

echo "<b>Apellido2:</b> $apellido2 <br><br>";

echo "<b>TipoUsuario:</b> $tipousuario <br>";

echo "<b>IDUA:</b> $idua <br>";

echo "<b>Intercambiable:</b> $Intercambiable <br><br>";

//echo "<a href='AdminPlantillas.php'>Add Another File</a>";

echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0;URL=http://acuario.ecci.ucr.ac.cr/SISADPRO_malincy/Administrar.php?side=admin&content=eval\">";